Control: tags -1 moreinfo On Sat, 06 Apr 2019 22:59:16 +0200 Nicolas Braud-Santoni <nicoo@debian.org> wrote: > The latest upstream release contains security-critical changes (see #926551). Please be aware that without updates to that bug, your package will be removed from buster soon. When that happens, your package will not be allowed to migrate back in, so make sure you follow up, on that bug and on this one. > I apologise for the larger-than-necessary diff, which includes some packaging > changes that were pending upload :( Those changes can be reverted. The worse problem here is that you're bumping compat level here, that isn't allowed at this stage of the release. However, the biggest part of the changes come from the new upstream release. Not all changes by upstream in the changelog make sense to me without further investigation. In bug 926551 you seem to know which changes you want, how feasible is it to cherry-pick the security fixes instead of pulling in the full new upstream? That would make reviewing easier as your diff is big (the most likely reason why you didn't hear from us earlier). Paul
Attachment:
signature.asc
Description: OpenPGP digital signature